-
openoffice.org (1:2.4.1-11ubuntu2.3) intrepid-security; urgency=low
* ooo-build/patches/src680/cws-sjooh680sf01.diff: fix
"OpenOffice.org XPM Import Integer Overflow" and
"OpenOffice.org GIF Import Heap Overflow"
- CVE-2009-2949
- CVE-2009-2950
* ooo-build/patches/src680/cws-hb32showstoppers3ooh680.diff: fix
"OOO sprmTDefTable issue" and "OOO sprmTSetBrc issue"
- CVE-2009-3301
- CVE-2009-3302
* ooo-build/patches/src680/libxmlsec-CVE-2009-0217.diff: fix
internal libxmlsec copy (just the nss part)
- CVE-2009-0217
* ooo-build/patches/src680/vba-macro-properties-2.4.diff: fix vba macros
not honouring macro security settings
- CVE-2010-0136
-- Chris Cheney <email address hidden> Thu, 18 Feb 2010 12:00:00 -0600
-
openoffice.org (1:2.4.1-11ubuntu2.2) intrepid-security; urgency=low
* SECURITY UPDATE: fix integer underflow via crafted Word Document
- patches/src680/sw.safe_tdelete_tinsert.diff: adjust sprmTDelete to
properly validate the number of columns
- CVE-2009-0200
* SECURITY UPDATE: fix buffer overflow via crafted Word Document
- patches/src680/sw.safe_tdelete_tinsert.diff: adjust sprmTInsert to
properly validate the number of columns
- CVE-2009-0201
* SECURITY UPDATE: fix heap overflow via crafted EMF file
- patches/src680/wmf-pattern-brush.diff: updated to perform proper bounds
checking in EnhWMFReader::ReadEnhWMF()
- http://cgit.freedesktop.org/ooo-build/ooo-build/commit/?id=49b4e38571912a7d28c4044e5b2bd57e51c77d55
- CVE-2009-2140
* patches/src680/apply: added sw.safe_tdelete_tinsert.diff to Security
section
-- Jamie Strandboge <email address hidden> Tue, 29 Sep 2009 12:08:06 -0500
-
openoffice.org (1:2.4.1-11ubuntu2.1) intrepid-security; urgency=low
* SECURITY UPDATE: heap-based buffer overflows which may lead to arbitrary
code execution when processing crafted WMF files
- patches/src680/cws-sjfixes06.diff: fix integer overflows in
wmf/winwmf.cxx.
- http://util.openoffice.org/source/browse/util/svtools/source/filter.vcl/wmf/winwmf.cxx?r1=1.36&r2=1.36.114.1&view=patch
- CVE-2008-2237
* SECURITY UPDATE: heap-based buffer overflows which may lead to arbitrary
code execution when processing crafted EMF files
- patches/src680/cws-sjfixes09.diff: fix multiple parser flaws in
wmf/enhwmf.cxx.
- http://util.openoffice.org/source/browse/util/svtools/source/filter.vcl/wmf/enhwmf.cxx?r1=1.39&r2=1.39.114.1&view=patch
- CVE-2008-2238
-- Jamie Strandboge <email address hidden> Thu, 06 Nov 2008 15:02:51 -0600
-
openoffice.org (1:2.4.1-11ubuntu2) intrepid; urgency=low
* Remove line from rules referencing obsolete mime file which caused FTBFS.
-- Chris Cheney <email address hidden> Wed, 15 Oct 2008 13:03:54 -0500
-
openoffice.org (1:2.4.1-11ubuntu1) intrepid; urgency=low
* Resynchronise with Debian (r1195). Remaining changes:
- Add Launchpad integration support.
- Add Launchpad translations support.
- Add package openoffice.org-style-human.
- Add some Ubuntu-specific bitmaps. Adjust broffice diversions for these.
- Add path to OOo SDK wrapper script.
- Add suggests gstreamer to openoffice.org-impress.
- Add support for compressing debs with lzma.
- Add support for openjdk-6.
- Add support for shared /usr/share/doc directories.
- Add support to build l10n as a separate source.
- Add support to build on lpia.
- Add support to turn off building on sparc.
- Add Xb-Npp-xxx tags according to "firefox distro add-on suport" spec.
- Set template.desktop to not display in the menu.
- Use imagemagick instead of graphicsmagick.
* Resynchronise with ooo-build-2-4-1 (r14314).
* Add ooo-build/patches/src680/config_office-openjdk-paths.diff to correct
java build problems. Closes LP: #273268
* Add shared-mime-info mimetype file. Closes LP: #228770
* Add support for abrowser. Closes LP: #272772
* Disable java on powerpc due to cacao being broken.
* Merge debian-2-4-1 changes into ooo-build-2-4-1.
-- Chris Cheney <email address hidden> Tue, 14 Oct 2008 23:55:39 -0500
-
openoffice.org (1:2.4.1-9ubuntu2) intrepid; urgency=low
* Fix openoffice.org-impress to only recommend gstreamer0.10-good, not
-{bad,ugly,ffmpeg} since these are in universe and should not be
recommended by packages in main. LP: #275751
* Drop gstreamer0.10-{good,base} from the suggests of openoffice.org,
since this is redundant given that openoffice.org-impress recommends
them already.
-- Steve Langasek <email address hidden> Mon, 29 Sep 2008 02:00:42 -0700
-
openoffice.org (1:2.4.1-9ubuntu1) intrepid; urgency=low
* Resynchronise with Debian (r1181). Remaining changes:
- Add Launchpad integration support.
- Add Launchpad translations support.
- Add package openoffice.org-style-human.
- Add some Ubuntu-specific bitmaps. Adjust broffice diversions for these.
- Add path to OOo SDK wrapper script. Closes LP: #106546
- Add recommends gstreamer to openoffice.org-impress. Closes LP: #104685
- Add support for compressing debs with lzma.
- Add support for openjdk-6.
- Add support for shared /usr/share/doc directories.
- Add support to build l10n as a separate source.
- Add support to build on lpia.
- Add support to turn off building on sparc.
- Add Xb-Npp-xxx tags according to "firefox distro add-on suport" spec.
- Set template.desktop to not display in the menu.
- Use imagemagick instead of graphicsmagick.
* Resynchronise with ooo-build-2-4-1 (r13951).
-- Chris Cheney <email address hidden> Sun, 21 Sep 2008 14:32:22 -0500
-
openoffice.org (1:2.4.1-8ubuntu1) intrepid; urgency=low
* Resynchronise with Debian (r1177). Remaining changes:
- Add Launchpad integration support.
- Add Launchpad translations support.
- Add package openoffice.org-style-human.
- Add some Ubuntu-specific bitmaps. Adjust broffice diversions for these.
- Add support for compressing debs with lzma.
- Add support for openjdk-6.
- Add support for shared /usr/share/doc directories.
- Add support to build l10n as a separate source.
- Add support to build on lpia.
- Add support to turn off building on sparc.
- Add Xb-Npp-xxx tags according to "firefox distro add-on suport" spec.
- Set template.desktop to not display in the menu.
- Use imagemagick instead of graphicsmagick.
* Resynchronise with ooo-build-2-4-1 (r13813).
-- Chris Cheney <email address hidden> Fri, 05 Sep 2008 13:01:54 -0500
-
openoffice.org (1:2.4.1-6ubuntu1) intrepid; urgency=low
* Resynchronise with Debian (r1159).
* Remaining changes:
- debian/broffice.org.postrm.in:
. Change diversions to ubuntu bitmap filenames.
- debian/broffice.org.preinst.in:
. Change diversions to ubuntu bitmap filenames.
- debian/control.in:
. Change maintainer line.
. Use imagemagick instead of graphicsmagick.
. Change bzr repo location.
. Add package openoffice.org-style-human.
. Add replaces openoffice.org-gtk (<< 2.0.3-1) for openoffice.org-gnome
dapper upgrade.
- debian/control.l10n.in:
. Add file for Ubuntu.
- debian/control.lang.in:
. Add L10N_COMMON to Depends.
- debian/control.mozilla.in:
. Add Xb-Npp-xxx tags according to "firefox distro add-on suport" spec.
- debian/control.ubuntu-feisty.in:
. Add file for Ubuntu.
- debian/deppackage.postinst.in:
. Add file for Ubuntu.
- debian/module-po.map:
. Add file for Ubuntu.
- debian/rules:
. Add BUILD_SPARC option.
. Add USE_COMMON_DOCDIR option.
. Add USE_LZMA_COMPRESS option.
. Add support to build on lpia.
. Add support to build l10n as a separate source.
. Add support to chmod +x programs in debian dir.
. Add support to uuencode binary files in ubuntu dir.
. Add support for Ubuntu specific bitmaps.
. Add support for openoffice.org-style-human package.
. Add support for launchpad translations.
. Use imagemagick instead of graphicsmagick.
. Various Ubuntu specific changes.
- debian/scripts/convert2po:
. Add file for Ubuntu.
- debian/scripts/fix_image_rgb:
. Use imagemagick instead of graphicsmagick.
- debian/scripts/gsifilter.py:
. Add file for Ubuntu.
- debian/scripts/splitgsi:
. Add file for Ubuntu.
- debian/scripts/vars.lpia
. Add file for Ubuntu.
- debian/template.desktop.in:
. Add NoDisplay=true.
* Resynchronise with ooo-build-2-4-1 (r13216).
* ubuntu/*:
- Various Ubuntu specific changes.
-- Chris Cheney <email address hidden> Tue, 15 Jul 2008 05:01:54 -0500
-
openoffice.org (1:2.4.1-1ubuntu2) hardy-proposed; urgency=low
* Resynchronise with ooo-build-2-4-1 (r12987).
- ooo-build/patches/src680/cws-cmcfixes47-sw.diff:
. Corrects mozilla-openoffice.org on 64-bit but leaving disabled for
hardy-updates. Bug: #105553
- ooo-build/patches/src680/linkwarn-sd-no-dnd-links.diff:
. Made drag and drop add pictures to Draw/Impress by value, not by link.
Closes LP: #80442
- ooo-build/patches/src680/ooocmcfixes46.diff:
. Added fix to call xlib_surface_create_with_xrender_format with the
right screen.
- ooo-build/patches/src680/svg-import-filter.diff:
. Fixed crash in optimizeGradientStops.
- ooo-build/patches/src680/sw-field-patch-fix-competing-protection.diff:
. Workaround for the competing protection problem. Closes LP: #215420
- ooo-build/patches/src680/vcl-fix-randr-heapcorruption.diff:
. Added better fix for the RandR crashes. Closes LP: #236676
* debian/rules:
- Correct openoffice.org-help-en-us to not depend on
openoffice.org-l10n-en-us. Closes LP: #220817
* ubuntu/desktop-templates.diff:
- Correct openoffice.org-draw menu item tooltip. Closes LP: #223396
-- Chris Cheney <email address hidden> Fri, 27 Jun 2008 23:02:22 -0500
-
openoffice.org (1:2.4.1-1ubuntu1) hardy-proposed; urgency=low
* Resynchronise with Debian (r1128).
- Install also other resolutions than 48x48 for the ooo-build/desktop
icons. Closes LP: #237484
* Remaining changes:
- debian/broffice.org.postrm.in:
. Change diversions to ubuntu bitmap filenames.
- debian/broffice.org.preinst.in:
. Change diversions to ubuntu bitmap filenames.
- debian/control.in:
. Change maintainer line.
. Use imagemagick instead of graphicsmagick.
. Change bzr repo location.
. Add package openoffice.org-style-human.
. Add replaces openoffice.org-gtk (<< 2.0.3-1) for openoffice.org-gnome
dapper upgrade.
. Revert 'Only recommend -filter-binfilter' until Intrepid.
- debian/control.l10n.in:
. Add file for Ubuntu.
- debian/control.lang.in:
. Add L10N_COMMON to Depends.
- debian/control.mozilla.in:
. Add Xb-Npp-xxx tags according to "firefox distro add-on suport" spec.
- debian/control.ubuntu-feisty.in:
. Add file for Ubuntu.
- debian/deppackage.postinst.in:
. Add file for Ubuntu.
- debian/module-po.map:
. Add file for Ubuntu.
- debian/rules:
. Add BUILD_SPARC option.
. Add USE_COMMON_DOCDIR option.
. Add USE_LZMA_COMPRESS option.
. Add support to build on lpia.
. Add support to build l10n as a separate source.
. Add support to chmod +x programs in debian dir.
. Add support to uuencode binary files in ubuntu dir.
. Add support for Ubuntu specific bitmaps.
. Add support for openoffice.org-style-human package.
. Add support for launchpad translations.
. Use imagemagick instead of graphicsmagick.
. Various Ubuntu specific changes.
- debian/scripts/convert2po:
. Add file for Ubuntu.
- debian/scripts/fix_image_rgb:
. Use imagemagick instead of graphicsmagick.
- debian/scripts/gsifilter.py:
. Add file for Ubuntu.
- debian/scripts/splitgsi:
. Add file for Ubuntu.
- debian/scripts/vars.lpia
. Add file for Ubuntu.
- debian/template.desktop.in:
. Add NoDisplay=true.
* Resynchronise with ooo-build-2-4-1 (r12862).
* ubuntu/*:
- Various Ubuntu specific changes.
-- Chris Cheney <email address hidden> Tue, 10 Jun 2008 20:42:13 -0500
-
openoffice.org (1:2.4.0-3ubuntu6) hardy; urgency=low
* ooo-build/patches/src680/ubuntu-openoffice-java-common.diff:
. Added message to tell user to install openoffice.org-java-common if
java is non-functional. Closes LP: #218692
* Changed openoffice.org dependency on openoffice.org-officebean so it
is not included when java is disabled.
* Removed dependency on openoffice.orgVER by openoffice.orgVER-l10n-in and
openoffice.orgVER-l10n-za so they can be installed without OOo.
-- Chris Cheney <email address hidden> Mon, 21 Apr 2008 20:16:35 -0500
